The College of Physicians and Surgeons of Nova Scotia (the “College”) is committed to maintaining the confidentiality and security of personal information. We are responsible for all personal information that is entrusted to us.
The College stores and maintains personal information according to the ten principles of the Personal Information Protection and Electronic Documents Act (PIPEDA).
What is Personal Information?
Personal information is information about an “identifiable” individual, which includes names, addresses, telephone numbers, e-mail addresses, credit card information, or other contact information and personally identifiable data, date of birth, social insurance number, age, marital and financial status, race, national or ethnic origin, and religion. It also includes opinions about that individual.
The ten principles of the CSA Model Code as applied by the College
The College is accountable for all personal information under its control, including information which it may transfer to a third party. The College collects, uses and discloses information in accordance with its obligations under the Nova Scotia Medical Act and PIPEDA. Staff are trained in standards and guidelines with respect to privacy and confidentiality.
To fulfill this purpose, the College has designated an individual as a Privacy Officer who is responsible for everyday operation and control of personal information as well as the College’s compliance with this Statement.
From time to time, the College discloses personal information to third parties for administrative and licensing purposes. Third parties are required to sign confidentiality agreements which reinforce the strict confidentiality obligations on them.
2. Identifying Purposes:
The College is required, pursuant to the Nova Scotia Medical Act, to regulate the practice of medicine in the province with due regard to the public interest. The College uses personal information of its members to carry out this function. The purposes for which the College collects information include:
- Membership application
- Regulatory purposes
- Registration and licensing
- Credentials verification and assessment
- Incorporation membership
- Record of membership and licensees / member status
- Peer Review
- Complaints and investigations (we ensure the confidentiality of the complainant and the physician as set out in the College’s publication policies)
- Communication with members
- Publication distribution
- Establish and maintain updated physician listings to publish on the College website and made available to inquirers
- Administer members’ affiliations with the Canadian Medical Association (CMA), the Nova Scotia Department of Health, the Medical Services Insurance Program (MSI), the Medical Identification Number for Canada (MINC), etc.
- Demographics: research, analysis and planning
- Correspondence information and documents with third party as required by our objectives and to interchange information with regulatory bodies worldwide
- Compile Statistics
- Payment of annual fee
If the College wishes to use personal information for a purpose not identified, the new purpose will be identified and the College will seek consent prior to use, unless required or permitted by law.
The College is dedicated to ensuring that members are aware of the purposes for which personal information is gathered, the use of the information and reasons for disclosure. The College obtains consent from members for the collection, use and disclosure of personal information. In certain circumstances, the consent for the individual can be obtained after collection of the information, but before use.
The College will not, as a condition of the supply of goods or services, require that an individual consent to the collection, use, or disclosure of information beyond what is required for legitimate and communicated purposes. Some information related to licensing, competence and professional development must be provided as a condition of obtaining and maintaining one’s professional status.
There may be circumstances where consent may be implied by the circumstances. In such cases, the purpose for the collection and use of personal information must be apparent and the College may only use the personal information for the apparent purpose. In such a case, the College will not use that information for any other purpose.
The law provides certain exceptions to the usual requirement to obtain an individual’s consent. For example, an organization may collect and use personal information in circumstances where the collection and/or use of such information is clearly in the interests of the individual and consent cannot be obtained in a timely way. Similarly, personal information may be collected and used without the consent of the individual if the information is reasonably required to investigate a breach of an agreement, a violation of the law or investigations related to professional discipline and there is reason to believe that obtaining consent may compromise the availability or accuracy of such information.
Members can withdraw consent anytime for the retention and use of personal information, but only to the extent that such consent withdrawal does not affect the ability of the College to carry out its statutory functions. The College will inform the member of the implications of such withdrawal.
4. Limiting Collection:
The College collects personal information only to the extent necessary for the purposes identified. Personal information is collected in a fair and lawful manner.
5. Limiting Use, Disclosure and Retention:
The College does not sell or trade your personal information to third parties. Personal information is only used or disclosed for the purpose for which it was collected with the consent of the member, or as required by law.
The personal information of the member is retained as long as it is considered necessary according to the College’s Document Retention policy.
The College is dedicated to maintaining your personal information in a form that is accurate, complete and current as is necessary for the fulfillment of the College’s purposes. Members are encouraged to contact the College and update any changes in their personal information.
The College takes reasonable steps to ensure that personal information is protected against loss, unauthorized access, use, disclosure and alteration. This protection applies to both electronic and hard copy form.
The safeguards used by the College include:
- Physical Measures: Locked filing cabinets, key-pads or locks to restricted areas, alarm system in the office.
- Organizational Measures: Employees’ training, confidentiality agreements, limited access on “need to know” basis
- Technological Measures: Use of security software, password, firewall and encryption
- Destruction Measures: Records and documents of the members are destroyed in a confidential manner (e.g. shredding of paper records, wiped clean/deleting of discs and physical destruction of hard drives)
- Third party obligations: Contractual privacy agreement with third parties. To ensure the protection of your personal information, third parties enter into a legal contract and confidentiality agreement before the College uses their services.
The College is open about its policies and procedures and will provide members with specific information relating to the maintenance of personal information. These policies are available by contacting the College’s Privacy Officer.
9. Individual Access:
Members may contact the Privacy Officer at any time to discuss access to personal information. Upon written request, access will be provided. A small fee may be applied to cover the cost of administration. In certain situations, such as legal or regulatory requirements, the College may not be able to offer you access to your personal information and will provide you with the reasons for denial. The College will correct or amend personal information that is shown to be incomplete or inaccurate.
10. Challenging Compliance:
Website Privacy and Security
The College uses encryption technology and security certificates (https) on all web pages that require members or applicants to submit payment online. All transactions are handled by a third-party payment processor that meets strict security requirements.
The College takes reasonable steps to protect your personal information, but we are not responsible or liable for the security of your personal information on external websites to which we provide links (e.g. non-CPSNS) websites. External links are provided for the convenience of users. The College encourages members to read the privacy policies of all websites visited, especially if personal information is shared.
Kellie Skelhorn, Chief Operating Officer, Associate Registrar
College of Physicians and Surgeons of Nova Scotia
Suite 400 – 175 Western Parkway